Error Log is filling up

[lgilsenberg]

Below is my error log from today.  Am I being hacked or just being stupid?  Any thoughts on how to clean it up?

Sun 2023/11/05 01:16:07 AM    System    -5011    uuid:0    
Sun 2023/11/05 01:46:18 AM    System    -170001    [Auth:-10104] 68.69.185.50:50950->80, Num=7
Sun 2023/11/05 01:46:18 AM    System    -10108    Check log    
Sun 2023/11/05 01:49:06 AM    System    -170001    [Auth:-10104] 2.57.122.233:51112->80, Num=8
Sun 2023/11/05 01:49:06 AM    System    -10108    Check log    
Sun 2023/11/05 01:00:07 AM    System    -7123    ID 000F :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 01:00:07 AM    System    -7115    ID 0022 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 01:00:08 AM    System    -7115    ID 0034 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 01:00:10 AM    System    -7115    ID 0096 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 01:00:11 AM    System    -7123    ID 00AB :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 01:00:11 AM    System    -7123    ID 00BA :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 01:39:34 AM    System    -170001    [Auth:-10104] 64.226.98.14:43958->80, Num=9
Sun 2023/11/05 01:39:34 AM    System    -10108    Check log    
Sun 2023/11/05 01:39:37 AM    System    -170001    [Auth:-10104] 64.226.98.14:43962->80, Num=10
Sun 2023/11/05 01:39:37 AM    System    -10108    Check log    
Sun 2023/11/05 02:05:22 AM    System    -170001    [Auth:-10104] 184.105.139.70:16952->443, Num=1
Sun 2023/11/05 02:05:22 AM    System    -10108    Check log    
Sun 2023/11/05 02:05:51 AM    System    -170001    [Auth:-10104] 184.105.139.70:34834->443, Num=1
Sun 2023/11/05 02:05:51 AM    System    -10108    Check log    
Sun 2023/11/05 02:16:05 AM    System    -5011    uuid:0    
Sun 2023/11/05 03:22:36 AM    System    -170001    [Auth:-10104] 107.175.212.32:49180->80, Num=13
Sun 2023/11/05 03:22:36 AM    System    -10108    Check log    
Sun 2023/11/05 04:16:06 AM    System    -5011    uuid:0    
Sun 2023/11/05 04:37:14 AM    System    -170001    [Auth:-10104] 209.201.15.190:38322->80, Num=14
Sun 2023/11/05 04:37:14 AM    System    -10108    Check log    
Sun 2023/11/05 04:37:14 AM    System    -170001    [Auth:-10104] 209.201.15.190:38354->80, Num=15
Sun 2023/11/05 04:37:14 AM    System    -10108    Check log    
Sun 2023/11/05 05:20:02 AM    System    -170001    [Auth:-10104] 192.241.236.81:39558->443, Num=1
Sun 2023/11/05 05:20:02 AM    System    -10108    Check log    
Sun 2023/11/05 06:16:07 AM    System    -5011    uuid:0    
Sun 2023/11/05 06:17:43 AM    System    -170001    [Auth:-10104] 34.78.54.63:38046->443, Num=17
Sun 2023/11/05 06:17:43 AM    System    -10108    Check log    
Sun 2023/11/05 07:40:49 AM    System    -170001    [Auth:-10104] 69.162.243.124:60896->80, Num=18
Sun 2023/11/05 07:40:49 AM    System    -10108    Check log    
Sun 2023/11/05 07:40:49 AM    System    -170001    [Auth:-10104] 69.162.243.124:60914->80, Num=19
Sun 2023/11/05 07:40:49 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:08 AM    System    -170001    [Auth:-10104] 147.78.103.170:60019->80, Num=20
Sun 2023/11/05 07:42:08 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:08 AM    System    -170001    [Auth:-10104] 147.78.103.170:60019->80, Num=21
Sun 2023/11/05 07:42:08 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:08 AM    System    -170001    [Auth:-10104] 147.78.103.170:60019->80, Num=22
Sun 2023/11/05 07:42:08 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:09 AM    System    -170001    [Auth:-10104] 147.78.103.170:60954->80, Num=23
Sun 2023/11/05 07:42:09 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:10 AM    System    -170001    [Auth:-10104] 147.78.103.170:61570->80, Num=24
Sun 2023/11/05 07:42:10 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:10 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=25
Sun 2023/11/05 07:42:10 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:10 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=26
Sun 2023/11/05 07:42:10 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:11 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=27
Sun 2023/11/05 07:42:11 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:11 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=28
Sun 2023/11/05 07:42:11 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:11 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=29
Sun 2023/11/05 07:42:11 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:11 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=30
Sun 2023/11/05 07:42:11 AM    System    -10108    Check log    
Sun 2023/11/05 07:42:11 AM    System    -170001    [Auth:-10104] 147.78.103.170:62189->80, Num=31
Sun 2023/11/05 07:42:11 AM    System    -10108    Check log    
Sun 2023/11/05 07:51:30 AM    System    -170001    [Auth:-10104] 94.142.138.104:45722->443, Num=3
Sun 2023/11/05 07:51:30 AM    System    -10108    Check log    
Sun 2023/11/05 07:51:46 AM    System    -170001    [Auth:-10104] 94.142.138.104:44362->443, Num=3
Sun 2023/11/05 07:51:46 AM    System    -10108    Check log    
Sun 2023/11/05 08:16:07 AM    System    -5011    uuid:0    
Sun 2023/11/05 09:56:46 AM    System    -170001    [Auth:-10104] 164.92.232.89:53526->443, Num=34
Sun 2023/11/05 09:56:46 AM    System    -10108    Check log    
Sun 2023/11/05 09:56:49 AM    System    -170001    [Auth:-10104] 164.92.232.89:56792->443, Num=35
Sun 2023/11/05 09:56:49 AM    System    -10108    Check log    
Sun 2023/11/05 10:16:08 AM    System    -5011    uuid:0    
Sun 2023/11/05 10:57:38 AM    System    -7123    ID 000F :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 10:57:38 AM    System    -7115    ID 0022 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 10:57:39 AM    System    -7115    ID 0034 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 10:57:41 AM    System    -7115    ID 0096 :err=0, tag='cmd', num=4, nest=4, offse    
Sun 2023/11/05 10:57:42 AM    System    -7123    ID 00AB :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 10:57:42 AM    System    -7123    ID 00BA :err=0, tag='status', num=44, nest=4, o    
Sun 2023/11/05 12:01:09 PM    System    -170001    [Auth:-10104] 78.153.140.221:32814->80, Num=36
Sun 2023/11/05 12:01:09 PM    System    -10108    Check log    
Sun 2023/11/05 12:16:03 PM    System    -5011    uuid:0    
Sun 2023/11/05 01:00:49 PM    System    -170001    [Auth:-10104] 83.97.73.87:43642->80, Num=37
Sun 2023/11/05 01:00:49 PM    System    -10108    Check log    
Sun 2023/11/05 02:16:03 PM    System    -5011    uuid:0    
Sun 2023/11/05 03:05:01 PM    System    -170001    [Auth:-10104] 83.97.73.87:41304->80, Num=38
Sun 2023/11/05 03:05:01 PM    System    -10108    Check log    
Sun 2023/11/05 04:11:01 PM    System    -170001    [Auth:-10104] 107.170.253.36:49884->80, Num=39
Sun 2023/11/05 04:11:01 PM    System    -10108    Check log    
Sun 2023/11/05 04:16:03 PM    System    -5011    uuid:0    
Sun 2023/11/05 04:29:28 PM    System    -170001    [Auth:-10104] 207.154.194.231:34266->443, Num=
Sun 2023/11/05 04:29:28 PM    System    -10108    Check log    
Sun 2023/11/05 04:29:30 PM    System    -170001    [Auth:-10104] 207.154.194.231:34278->443, Num=
Sun 2023/11/05 04:29:30 PM    System    -10108    Check log    
Sun 2023/11/05 04:29:42 PM    System    -170001    [Auth:-10104] 207.154.194.231:52664->443, Num=
 

[lgilsenberg]

Just a bump.  Does anybody have any suggestions on how to get rid of the errors popping up in the log?  Is this somebody trying to hack me or did I mess up the network configuration or ?????

[Techman]

Probably best to submit a support ticket. I've never come across the "check log" entry and it's not in the list of error codes.

[Geddy]

1 hour ago, lgilsenberg said:

did I mess up the network configuration

Did you do something recently to the network configuration that would make you think it would be messed up now? 

Otherwise, does kind of look like somebody might be running port scanning on you, but that's just a guess. 

I think @Techman is right the only "real" way to know is to open a support ticket and include the log (as a zip file) for them to review.

https://www.universal-devices.com/my-tickets

 

If you did make changes to the network settings please explain further. 

Have you added port forwarding on your router so that you can access the ISY while remote? If so, that's risky. The best way to securely access the ISY994 from a remote location would be through the UD Portal connection (make sure you have a strong password for the portal account!). 

Lastly, once you hear back from UDI on the support ticket please post the findings here so it might help others if they run into this issue they can learn what it was.

 

[lgilsenberg]

@Geddy  I did change the network configuration, swapping from one wireless router to another.  I just turned off port forwarding and everything has quieted down.  I appreciate the guidance. 

@Techman I would have opened a ticket, but I'm still on 994 until the ZWave and Matter board are back in stock.